+ All Categories
Home > Documents > Secure Virtual Private Network (VPN) access services€¦ · Web viewGroupname. The passcode is the...

Secure Virtual Private Network (VPN) access services€¦ · Web viewGroupname. The passcode is the...

Date post: 13-Jun-2020
Category:
Upload: others
View: 3 times
Download: 0 times
Share this document with a friend
15
12:51 AM7/8/2022 Technical Guideline for Virtual Private Network access services This document is continually updated from on going feedback for all. Please send to [email protected] costa.ca.us . This document is located at http://www.co.contra-costa.ca.us/depart/it/wan/vpn/index.htm A) Secure Virtual Private Network (VPN) access services . 1) Network Services Provided: a) IP network services b) Citrix access c) CCC DNS services d) CCC Departmental WINS services e) Mainframe and AS400 f) End users may only access authorized Servers and internal network(s) based on their department requirements. 2) Minimum computer configuration: a) Microsoft Windows 95b or ORS2, 98, ME, NT4.0WS SP5, 2000 pro, 2000 server with/without SP1. b) 64 megs RAM (128 megs for 2000) c) 40 megs free to install VPN client d) TCP/IP protocol e) Interface for the Internet access. (Typically a network interface card.) 3) Minimum User supplied Internet Access Bandwidth: a) 128kpbs bi-directional (i.e. Home DSL or Cable) Actual bandwidth requirements may be higher or lower depending on application needs. For example; Mainframe or AS400 or Lotus Notes (travel mode) only users could run on 28.8kpbs modem Point to Point Protocol (PPP) dialup connections; though, the performance
Transcript
Page 1: Secure Virtual Private Network (VPN) access services€¦ · Web viewGroupname. The passcode is the vpn token number show on the token ring. K) After you click ok, the dialog box

7:55 AM5/20/2023Technical Guideline for Virtual Private Network access services

This document is continually updated from on going feedback for all. Please send to [email protected] document is located at http://www.co.contra-costa.ca.us/depart/it/wan/vpn/index.htm

A) Secure Virtual Private Network (VPN) access services .

1) Network Services Provided:

a) IP network servicesb) Citrix accessc) CCC DNS servicesd) CCC Departmental WINS servicese) Mainframe and AS400f) End users may only access authorized Servers and internal network(s)

based on their department requirements.

2) Minimum computer configuration:

a) Microsoft Windows 95b or ORS2, 98, ME, NT4.0WS SP5, 2000 pro, 2000 server with/without SP1.

b) 64 megs RAM (128 megs for 2000)c) 40 megs free to install VPN clientd) TCP/IP protocol e) Interface for the Internet access. (Typically a network interface card.)

3) Minimum User supplied Internet Access Bandwidth:

a) 128kpbs bi-directional (i.e. Home DSL or Cable)Actual bandwidth requirements may be higher or lower depending on application needs.

For example; Mainframe or AS400 or Lotus Notes (travel mode) only users could run on 28.8kpbs modem Point to Point Protocol (PPP) dialup connections; though, the performance will be very slow. Thus, modem connections are not recommended.

4) Firewall and router considerations:

a) For either DSL or Cable modem users, the router supplied by the carrier must allow Internet Protocol Security (IPSEC) protocols (check with the carrier). Also, if a DSL router/firewall is added, it must also allow IPSEC protocols. Currently, for the home market, only the Linksys DSL router supports IPSEC.

b) For software base firewalls, only the NAI’s McAfee Personal Firewall 2.14 has been tested to work properly.

5) Authentication Method:

Page 2: Secure Virtual Private Network (VPN) access services€¦ · Web viewGroupname. The passcode is the vpn token number show on the token ring. K) After you click ok, the dialog box

7:55 AM5/20/2023

a) RSA SecurID server with RSA SecurID cards or key fobs plus a personal pin codes for each user. SecurID cards cannot be shared.

b) Triple Digital Electronic Security (DES) IPSEC tunneling protocol is used.

c) Point to Point Tunneling Protocol (PPTP) or IPSEC over PPTP is not currently available.

6) Traffic control:

a) Split tunnel

B) Roll Out Procedure:

1) Network Administrators may request user logon ids and securid devices via an online form in Lotus Notes.

The following information will be required:

a) Department (selectable)b) User Name and Phone Numberc) ASO Name, Phone Number, and Email address.d) Department Number and ORG Number.

(The “Contra Costa County DoIT/Telecommunications Work Request” form must be used if the online form in Lotus Notes is not available)

User Ids will be set to first initial followed by the last name.The initial password is the number displayed on the securid device. Then a prompt will be displayed requesting a personal pin code. This will require the user to choose a 4 to 8 alphanumeric personal pin code. The personal pin code will now be used in conjunction with the securid displayed code.

For example:

User Id is = jdoePersonal code is “123open”Current securid device display is “379966”

Passcode to enter will be “123open379966”

Pass codes are case sensitive.

2) Client side software installation program

“vpnclient-win-is-4.6.01.0019-k9.exe”. This is available from

http://www.co.contra-costa.ca.us/depart/it/wan/vpn/index.htm

Page 3: Secure Virtual Private Network (VPN) access services€¦ · Web viewGroupname. The passcode is the vpn token number show on the token ring. K) After you click ok, the dialog box

7:55 AM5/20/2023

3) Prerequisites to install this client:Ensure that the Network interface adapter and TCP/IP protocol is installed and working correctly.

Connect to the internet and verify access to the internet. Ping “vgw1.co.contra-costa.ca.us “ to verify basic connectivity to VPN access server. This resolves to 64.166.144.5.

C) Installing the VPN client software:

Close or disable all windows applications such as antivirus, 3rd party screen savers, palm desktop sync software, and basically anything that can be closed.

Create a temporary directory “vpninstall” on your computer c: drive: c:\vpninstall. (the directory name is not critical, as long as you keep track of it)

Connect to the internet and use a browser to download from http://www.co.contra-costa.ca.us/depart/it/wan/vpn/index.htm the client driver “vpnclient-win-is-4.8.01.0300-k9.exe ” and save it to c:\vpninstall.

Select “Start” + “Run” and browse to locate “C:\vpninstall\ vpnclient-win-is-4.8.01.0300-k9.exe” to run the program:

Double click on vpnclient-win-is-4.8.01.0300-k9.exe

Page 4: Secure Virtual Private Network (VPN) access services€¦ · Web viewGroupname. The passcode is the vpn token number show on the token ring. K) After you click ok, the dialog box

7:55 AM5/20/2023

Then click run

It’s opening file in the temporary folder

Page 5: Secure Virtual Private Network (VPN) access services€¦ · Web viewGroupname. The passcode is the vpn token number show on the token ring. K) After you click ok, the dialog box

7:55 AM5/20/2023

Click run

Browse to c:\vpninstall--- that you have created a fold for that.

Page 6: Secure Virtual Private Network (VPN) access services€¦ · Web viewGroupname. The passcode is the vpn token number show on the token ring. K) After you click ok, the dialog box

7:55 AM5/20/2023

Then select Unzip

then “OK” and “Close” at the end of the unzip.

Page 7: Secure Virtual Private Network (VPN) access services€¦ · Web viewGroupname. The passcode is the vpn token number show on the token ring. K) After you click ok, the dialog box

7:55 AM5/20/2023

Click ok after the files are unzip.

It will start to install

Page 8: Secure Virtual Private Network (VPN) access services€¦ · Web viewGroupname. The passcode is the vpn token number show on the token ring. K) After you click ok, the dialog box

7:55 AM5/20/2023

Checking for computer space requirements. After done, the VPN setup prompt will disappear

Page 9: Secure Virtual Private Network (VPN) access services€¦ · Web viewGroupname. The passcode is the vpn token number show on the token ring. K) After you click ok, the dialog box

7:55 AM5/20/2023Next, select “Start” + “Run” and browse for c:\vpninstall\vpnclient_setup.exe:

Accept all the defaults and then reboot the computer.

Reboot the computer.

D) Go to Start, Program, Cisco Systems VPN Client, and select VPN Client

Page 10: Secure Virtual Private Network (VPN) access services€¦ · Web viewGroupname. The passcode is the vpn token number show on the token ring. K) After you click ok, the dialog box

7:55 AM5/20/2023

E) Create shortcut to your desktop.

F) Click the shortcut and VPN Client dialog will open up

G) To create a Connection Entry, click on new icon

Page 11: Secure Virtual Private Network (VPN) access services€¦ · Web viewGroupname. The passcode is the vpn token number show on the token ring. K) After you click ok, the dialog box

7:55 AM5/20/2023

H) The information to input will provide by WAN Group.

Page 12: Secure Virtual Private Network (VPN) access services€¦ · Web viewGroupname. The passcode is the vpn token number show on the token ring. K) After you click ok, the dialog box

7:55 AM5/20/2023Connection Entry : Your department Host : vgw1.co.contra-costa.ca.usName and Passowrd :Provided by WAN Group.

After click SAVE

I)You will see your Connection Entry in side the dialog box. Highlight it and click On connection which other dialog box will prompt you for user id and passcode:

Page 13: Secure Virtual Private Network (VPN) access services€¦ · Web viewGroupname. The passcode is the vpn token number show on the token ring. K) After you click ok, the dialog box

7:55 AM5/20/2023

J) You input your first letter of your first name and your whole last name in Groupname. The passcode is the vpn token number show on the token ring.

K) After you click ok, the dialog box will prompt you to create a pincode. Create a pincode and tab down to confirm it. Then click ok.

L) It will go back to VPN CLIENT /GROUP AUTHENTICATION LOGON. Now put your user id and the pincode you just created with vpn token number.

.


Recommended